  • madhukeshwar bhat

Cybersec Newsletter - H1’24


I am bringing out this half-yearly newsletter, summarizing my key article publications done during the first half of 2024. Thanks for the great responses to my cybertalks. It has been an exciting journey so far.

 

When cybercrime is sold in a sophisticated fashion similar to Software as a Service (SaaS), it becomes Crime as a Service (CaaS). It has made things easier for criminals who are not even tech-savvy yet want to wage cyber war. CaaS platforms typically operate on the dark web, using anonymizing technologies to hide the identity of both buyers and sellers. The range of activities could include distributed denial-of-service (DDoS) attacks, spam campaigns, ransomware attacks, credit card fraud, and many more. The anonymity makes it very hard for law enforcement agencies to put these criminals behind bars.


 

In the virtual world or online universe, there is no possibility of humans validating the authenticity of someone or something trying to interact with the computer system. Hence, there needs to be a sophisticated and secure mechanism to ensure that only the right entity can get into the computer. That is where authentication comes into the picture. Authentication plays the role of gatekeeper, ensuring secure access.

 

 

Cybersecurity and automation complement each other. Automation is greatly helping cybersecurity by taking on tasks that are almost humanly impossible. However, it has also pushed more and more digitization, due to which our reliance on computers has increased greatly, thus creating more opportunities for criminal hackers to play around.


 

 

User experience plays a vital role when it comes to user adoption of new tools. This applies to any kind of tool we need users to make use of. It is even more important when it comes to Identity & Access Management (IAM), because there are increased user interactions with IAM tooling. Unless we provide a great user experience, users will not use the tooling, and the security goals for getting the tooling in the first place will not be accomplished.

 


Malware, in simple terms, is malicious software. It is designed to get into the victim’s computer systems via various means, such as social engineering techniques, visiting bad or already infected websites, opening insecure email attachments, etc. Once it gets into our computer, it executes its malicious code, which is also called the payload. In order to continue to exist in our system, it changes various settings such as registry entries. Then the exploitation starts, with one or more possibilities such as:

·         malware sending sensitive information to the criminal hacker

·         allowing hackers to remote control the system

·         registering your system as part of a malicious botnet, which can be leveraged for various means, such as DDoS attacks

·         locking files and seeking ransom to release 

 



Zero-day vulnerabilities are security flaws or weaknesses in software unknown to the vendor or the public. Why are these called zero days? Because developers have literally "zero days" to fix the vulnerability or release a patch before it is exploited by criminal hackers. In other words, the vulnerability becomes known to attackers before it becomes known to the software or system's developer.

Zero-day vulnerabilities pose significant risks to our technology-fuelled digital world. There is absolutely no way that one can build a flawless system. This is what is exploited as zero days. If everyone contributes in their best capacity to reduce risk, the negative impact can certainly be brought down. Security researchers can contribute by reporting these vulnerabilities when they come across them, and the general public and organizations can apply patches in a timely manner. This is how we can reduce the risk of zero days.



 




 

Criminal hackers employ various tactics to get into an organization’s technology infrastructure. One of the indirect ways is via supply chain attacks. While the organization might have robust cybersecurity controls built in, the hackers might use the organization’s supply chain to break in. Entry into the organization via suppliers, partners, or any others in the supply chain is the modus operandi of a supply chain attack. How is it possible?

·         Using the weakest link in the supply chain

·         Injecting malware into one of the supply chain links

·         Exploiting known vulnerabilities

·         Introducing counterfeit hardware into the supply chain

The impact of a supply chain attack could be serious, resulting in:

·         Unauthorized access to sensitive information

·         Intellectual Property losses

·         Service disruption

·         Lost reputation and customers

·         Financial loss

While the impact seems worrisome, there are ways to prevent supply chain attacks as well:

·         Employing detailed risk assessments of the supply chain

·         Conducting vendor assessments

·         Following security best practices such as encryption and digital signatures

·         Establishing a process for ensuring an authentic supply of hardware and software

 





Can users be leveraged as an attack surface in cyber attacks? Very much yes! While you and I might not be part of a computer system, our interaction channels create an extended attack surface for cybercriminals to launch attacks. What are the various channels?

·         Phishing Attacks

·         Weak Passwords

·         Social Engineering

·         Malware and Ransomware

·         Unpatched systems

·         Removable Media

   

